Update openjdk #9532
Merged
Update openjdk #9532
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes: - docker-library/openjdk@fabe159: Merge pull request docker-library/openjdk#450 from infosiftr/jq-template - docker-library/openjdk@3fec004: Add initial jq-based templating engine - docker-library/openjdk@772b9df: Update to 17-ea+7 - docker-library/openjdk@b1e43c4: Update to 16-ea+34 - docker-library/openjdk@ca05bb8: Update to 11.0.10 - docker-library/openjdk@85ee20d: Update to 11.0.10 - docker-library/openjdk@eb8dd38: Update to 11.0.10 - docker-library/openjdk@bcae6e1: Update to 11.0.10
Diff for 1419c07:diff --git a/_bashbrew-cat b/_bashbrew-cat
index 36facc6..e79597c 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -3,272 +3,284 @@ GitRepo: https://github.com/docker-library/openjdk.git
Tags: 8u282-jdk-buster, 8u282-buster, 8-jdk-buster, 8-buster
SharedTags: 8u282-jdk, 8u282, 8-jdk, 8
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/buster
Tags: 8u282-jdk-nanoserver-1809, 8u282-nanoserver-1809, 8-jdk-nanoserver-1809, 8-nanoserver-1809
SharedTags: 8u282-jdk-nanoserver, 8u282-nanoserver, 8-jdk-nanoserver, 8-nanoserver
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
Tags: 8u282-jdk-oraclelinux7, 8u282-oraclelinux7, 8-jdk-oraclelinux7, 8-oraclelinux7
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/oraclelinux7
Tags: 8u282-jdk-oraclelinux8, 8u282-oraclelinux8, 8-jdk-oraclelinux8, 8-oraclelinux8, 8u282-jdk-oracle, 8u282-oracle, 8-jdk-oracle, 8-oracle
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/oraclelinux8
Tags: 8u282-jdk-slim-buster, 8u282-slim-buster, 8-jdk-slim-buster, 8-slim-buster, 8u282-jdk-slim, 8u282-slim, 8-jdk-slim, 8-slim
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/slim-buster
Tags: 8u282-jdk-windowsservercore-1809, 8u282-windowsservercore-1809, 8-jdk-windowsservercore-1809, 8-windowsservercore-1809
SharedTags: 8u282-jdk-windowsservercore, 8u282-windowsservercore, 8-jdk-windowsservercore, 8-windowsservercore, 8u282-jdk, 8u282, 8-jdk, 8
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/windows/windowsservercore-1809
Constraints: windowsservercore-1809
Tags: 8u282-jdk-windowsservercore-ltsc2016, 8u282-windowsservercore-ltsc2016, 8-jdk-windowsservercore-ltsc2016, 8-windowsservercore-ltsc2016
SharedTags: 8u282-jdk-windowsservercore, 8u282-windowsservercore, 8-jdk-windowsservercore, 8-windowsservercore, 8u282-jdk, 8u282, 8-jdk, 8
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jdk/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
Tags: 8u282-jre-buster, 8-jre-buster
SharedTags: 8u282-jre, 8-jre
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jre/buster
Tags: 8u282-jre-nanoserver-1809, 8-jre-nanoserver-1809
SharedTags: 8u282-jre-nanoserver, 8-jre-nanoserver
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jre/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
Tags: 8u282-jre-slim-buster, 8-jre-slim-buster, 8u282-jre-slim, 8-jre-slim
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jre/slim-buster
Tags: 8u282-jre-windowsservercore-1809, 8-jre-windowsservercore-1809
SharedTags: 8u282-jre-windowsservercore, 8-jre-windowsservercore, 8u282-jre, 8-jre
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jre/windows/windowsservercore-1809
Constraints: windowsservercore-1809
Tags: 8u282-jre-windowsservercore-ltsc2016, 8-jre-windowsservercore-ltsc2016
SharedTags: 8u282-jre-windowsservercore, 8-jre-windowsservercore, 8u282-jre, 8-jre
Architectures: windows-amd64
-GitCommit: 7255641da223700b33e8a097bda831fee23dd62c
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 8/jre/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
Tags: 11.0.10-jdk-buster, 11.0.10-buster, 11.0-jdk-buster, 11.0-buster, 11-jdk-buster, 11-buster
SharedTags: 11.0.10-jdk, 11.0.10, 11.0-jdk, 11.0, 11-jdk, 11
Architectures: amd64, arm64v8
-GitCommit: 69023d13a209c206c1e676b3f97843a0ee208402
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/buster
Tags: 11.0.10-jdk-nanoserver-1809, 11.0.10-nanoserver-1809, 11.0-jdk-nanoserver-1809, 11.0-nanoserver-1809, 11-jdk-nanoserver-1809, 11-nanoserver-1809
SharedTags: 11.0.10-jdk-nanoserver, 11.0.10-nanoserver, 11.0-jdk-nanoserver, 11.0-nanoserver, 11-jdk-nanoserver, 11-nanoserver
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
Tags: 11.0.10-jdk-oraclelinux7, 11.0.10-oraclelinux7, 11.0-jdk-oraclelinux7, 11.0-oraclelinux7, 11-jdk-oraclelinux7, 11-oraclelinux7
Architectures: amd64, arm64v8
-GitCommit: 69023d13a209c206c1e676b3f97843a0ee208402
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/oraclelinux7
Tags: 11.0.10-jdk-oraclelinux8, 11.0.10-oraclelinux8, 11.0-jdk-oraclelinux8, 11.0-oraclelinux8, 11-jdk-oraclelinux8, 11-oraclelinux8, 11.0.10-jdk-oracle, 11.0.10-oracle, 11.0-jdk-oracle, 11.0-oracle, 11-jdk-oracle, 11-oracle
Architectures: amd64, arm64v8
-GitCommit: 69023d13a209c206c1e676b3f97843a0ee208402
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/oraclelinux8
Tags: 11.0.10-jdk-slim-buster, 11.0.10-slim-buster, 11.0-jdk-slim-buster, 11.0-slim-buster, 11-jdk-slim-buster, 11-slim-buster, 11.0.10-jdk-slim, 11.0.10-slim, 11.0-jdk-slim, 11.0-slim, 11-jdk-slim, 11-slim
Architectures: amd64, arm64v8
-GitCommit: 69023d13a209c206c1e676b3f97843a0ee208402
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/slim-buster
Tags: 11.0.10-jdk-windowsservercore-1809, 11.0.10-windowsservercore-1809, 11.0-jdk-windowsservercore-1809, 11.0-windowsservercore-1809, 11-jdk-windowsservercore-1809, 11-windowsservercore-1809
SharedTags: 11.0.10-jdk-windowsservercore, 11.0.10-windowsservercore, 11.0-jdk-windowsservercore, 11.0-windowsservercore, 11-jdk-windowsservercore, 11-windowsservercore, 11.0.10-jdk, 11.0.10, 11.0-jdk, 11.0, 11-jdk, 11
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/windows/windowsservercore-1809
Constraints: windowsservercore-1809
Tags: 11.0.10-jdk-windowsservercore-ltsc2016, 11.0.10-windowsservercore-ltsc2016, 11.0-jdk-windowsservercore-ltsc2016, 11.0-windowsservercore-ltsc2016, 11-jdk-windowsservercore-ltsc2016, 11-windowsservercore-ltsc2016
SharedTags: 11.0.10-jdk-windowsservercore, 11.0.10-windowsservercore, 11.0-jdk-windowsservercore, 11.0-windowsservercore, 11-jdk-windowsservercore, 11-windowsservercore, 11.0.10-jdk, 11.0.10, 11.0-jdk, 11.0, 11-jdk, 11
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jdk/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
Tags: 11.0.10-jre-buster, 11.0-jre-buster, 11-jre-buster
SharedTags: 11.0.10-jre, 11.0-jre, 11-jre
Architectures: amd64, arm64v8
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jre/buster
Tags: 11.0.10-jre-nanoserver-1809, 11.0-jre-nanoserver-1809, 11-jre-nanoserver-1809
SharedTags: 11.0.10-jre-nanoserver, 11.0-jre-nanoserver, 11-jre-nanoserver
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jre/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
Tags: 11.0.10-jre-slim-buster, 11.0-jre-slim-buster, 11-jre-slim-buster, 11.0.10-jre-slim, 11.0-jre-slim, 11-jre-slim
Architectures: amd64, arm64v8
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jre/slim-buster
Tags: 11.0.10-jre-windowsservercore-1809, 11.0-jre-windowsservercore-1809, 11-jre-windowsservercore-1809
SharedTags: 11.0.10-jre-windowsservercore, 11.0-jre-windowsservercore, 11-jre-windowsservercore, 11.0.10-jre, 11.0-jre, 11-jre
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jre/windows/windowsservercore-1809
Constraints: windowsservercore-1809
Tags: 11.0.10-jre-windowsservercore-ltsc2016, 11.0-jre-windowsservercore-ltsc2016, 11-jre-windowsservercore-ltsc2016
SharedTags: 11.0.10-jre-windowsservercore, 11.0-jre-windowsservercore, 11-jre-windowsservercore, 11.0.10-jre, 11.0-jre, 11-jre
Architectures: windows-amd64
-GitCommit: c464770f5765a0bc8b7498a8683bc6c9144796da
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 11/jre/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
Tags: 15.0.2-jdk-buster, 15.0.2-buster, 15.0-jdk-buster, 15.0-buster, 15-jdk-buster, 15-buster, jdk-buster, buster
Architectures: amd64, arm64v8
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/buster
Tags: 15.0.2-jdk-nanoserver-1809, 15.0.2-nanoserver-1809, 15.0-jdk-nanoserver-1809, 15.0-nanoserver-1809, 15-jdk-nanoserver-1809, 15-nanoserver-1809, jdk-nanoserver-1809, nanoserver-1809
SharedTags: 15.0.2-jdk-nanoserver, 15.0.2-nanoserver, 15.0-jdk-nanoserver, 15.0-nanoserver, 15-jdk-nanoserver, 15-nanoserver, jdk-nanoserver, nanoserver
Architectures: windows-amd64
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
Tags: 15.0.2-jdk-oraclelinux7, 15.0.2-oraclelinux7, 15.0-jdk-oraclelinux7, 15.0-oraclelinux7, 15-jdk-oraclelinux7, 15-oraclelinux7, jdk-oraclelinux7, oraclelinux7
Architectures: amd64, arm64v8
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/oraclelinux7
Tags: 15.0.2-jdk-oraclelinux8, 15.0.2-oraclelinux8, 15.0-jdk-oraclelinux8, 15.0-oraclelinux8, 15-jdk-oraclelinux8, 15-oraclelinux8, jdk-oraclelinux8, oraclelinux8, 15.0.2-jdk-oracle, 15.0.2-oracle, 15.0-jdk-oracle, 15.0-oracle, 15-jdk-oracle, 15-oracle, jdk-oracle, oracle
SharedTags: 15.0.2-jdk, 15.0.2, 15.0-jdk, 15.0, 15-jdk, 15, jdk, latest
Architectures: amd64, arm64v8
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/oraclelinux8
Tags: 15.0.2-jdk-slim-buster, 15.0.2-slim-buster, 15.0-jdk-slim-buster, 15.0-slim-buster, 15-jdk-slim-buster, 15-slim-buster, jdk-slim-buster, slim-buster, 15.0.2-jdk-slim, 15.0.2-slim, 15.0-jdk-slim, 15.0-slim, 15-jdk-slim, 15-slim, jdk-slim, slim
Architectures: amd64, arm64v8
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/slim-buster
Tags: 15.0.2-jdk-windowsservercore-1809, 15.0.2-windowsservercore-1809, 15.0-jdk-windowsservercore-1809, 15.0-windowsservercore-1809, 15-jdk-windowsservercore-1809, 15-windowsservercore-1809, jdk-windowsservercore-1809, windowsservercore-1809
SharedTags: 15.0.2-jdk-windowsservercore, 15.0.2-windowsservercore, 15.0-jdk-windowsservercore, 15.0-windowsservercore, 15-jdk-windowsservercore, 15-windowsservercore, jdk-windowsservercore, windowsservercore, 15.0.2-jdk, 15.0.2, 15.0-jdk, 15.0, 15-jdk, 15, jdk, latest
Architectures: windows-amd64
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/windows/windowsservercore-1809
Constraints: windowsservercore-1809
Tags: 15.0.2-jdk-windowsservercore-ltsc2016, 15.0.2-windowsservercore-ltsc2016, 15.0-jdk-windowsservercore-ltsc2016, 15.0-windowsservercore-ltsc2016, 15-jdk-windowsservercore-ltsc2016, 15-windowsservercore-ltsc2016, jdk-windowsservercore-ltsc2016, windowsservercore-ltsc2016
SharedTags: 15.0.2-jdk-windowsservercore, 15.0.2-windowsservercore, 15.0-jdk-windowsservercore, 15.0-windowsservercore, 15-jdk-windowsservercore, 15-windowsservercore, jdk-windowsservercore, windowsservercore, 15.0.2-jdk, 15.0.2, 15.0-jdk, 15.0, 15-jdk, 15, jdk, latest
Architectures: windows-amd64
-GitCommit: a6515ca1ad79b6b886bb69ebe80374b61202addb
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 15/jdk/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
-Tags: 16-ea-32-jdk-alpine3.12, 16-ea-32-alpine3.12, 16-ea-jdk-alpine3.12, 16-ea-alpine3.12, 16-jdk-alpine3.12, 16-alpine3.12, 16-ea-32-jdk-alpine, 16-ea-32-alpine, 16-ea-jdk-alpine, 16-ea-alpine, 16-jdk-alpine, 16-alpine
-GitCommit: 7c1aa2acd512c1eba6ac0343f085975596648a0f
+Tags: 16-ea-32-jdk-alpine3.12, 16-ea-32-alpine3.12, 16-ea-jdk-alpine3.12, 16-ea-alpine3.12, 16-jdk-alpine3.12, 16-alpine3.12
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/alpine3.12
-Tags: 16-ea-33-jdk-buster, 16-ea-33-buster, 16-ea-jdk-buster, 16-ea-buster, 16-jdk-buster, 16-buster
+Tags: 16-ea-32-jdk-alpine3.13, 16-ea-32-alpine3.13, 16-ea-jdk-alpine3.13, 16-ea-alpine3.13, 16-jdk-alpine3.13, 16-alpine3.13, 16-ea-32-jdk-alpine, 16-ea-32-alpine, 16-ea-jdk-alpine, 16-ea-alpine, 16-jdk-alpine, 16-alpine
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
+Directory: 16/jdk/alpine3.13
+
+Tags: 16-ea-34-jdk-buster, 16-ea-34-buster, 16-ea-jdk-buster, 16-ea-buster, 16-jdk-buster, 16-buster
Architectures: amd64, arm64v8
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/buster
-Tags: 16-ea-33-jdk-nanoserver-1809, 16-ea-33-nanoserver-1809, 16-ea-jdk-nanoserver-1809, 16-ea-nanoserver-1809, 16-jdk-nanoserver-1809, 16-nanoserver-1809
-SharedTags: 16-ea-33-jdk-nanoserver, 16-ea-33-nanoserver, 16-ea-jdk-nanoserver, 16-ea-nanoserver, 16-jdk-nanoserver, 16-nanoserver
+Tags: 16-ea-34-jdk-nanoserver-1809, 16-ea-34-nanoserver-1809, 16-ea-jdk-nanoserver-1809, 16-ea-nanoserver-1809, 16-jdk-nanoserver-1809, 16-nanoserver-1809
+SharedTags: 16-ea-34-jdk-nanoserver, 16-ea-34-nanoserver, 16-ea-jdk-nanoserver, 16-ea-nanoserver, 16-jdk-nanoserver, 16-nanoserver
Architectures: windows-amd64
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
-Tags: 16-ea-33-jdk-oraclelinux7, 16-ea-33-oraclelinux7, 16-ea-jdk-oraclelinux7, 16-ea-oraclelinux7, 16-jdk-oraclelinux7, 16-oraclelinux7
+Tags: 16-ea-34-jdk-oraclelinux7, 16-ea-34-oraclelinux7, 16-ea-jdk-oraclelinux7, 16-ea-oraclelinux7, 16-jdk-oraclelinux7, 16-oraclelinux7
Architectures: amd64, arm64v8
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/oraclelinux7
-Tags: 16-ea-33-jdk-oraclelinux8, 16-ea-33-oraclelinux8, 16-ea-jdk-oraclelinux8, 16-ea-oraclelinux8, 16-jdk-oraclelinux8, 16-oraclelinux8, 16-ea-33-jdk-oracle, 16-ea-33-oracle, 16-ea-jdk-oracle, 16-ea-oracle, 16-jdk-oracle, 16-oracle
-SharedTags: 16-ea-33-jdk, 16-ea-33, 16-ea-jdk, 16-ea, 16-jdk, 16
+Tags: 16-ea-34-jdk-oraclelinux8, 16-ea-34-oraclelinux8, 16-ea-jdk-oraclelinux8, 16-ea-oraclelinux8, 16-jdk-oraclelinux8, 16-oraclelinux8, 16-ea-34-jdk-oracle, 16-ea-34-oracle, 16-ea-jdk-oracle, 16-ea-oracle, 16-jdk-oracle, 16-oracle
+SharedTags: 16-ea-34-jdk, 16-ea-34, 16-ea-jdk, 16-ea, 16-jdk, 16
Architectures: amd64, arm64v8
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/oraclelinux8
-Tags: 16-ea-33-jdk-slim-buster, 16-ea-33-slim-buster, 16-ea-jdk-slim-buster, 16-ea-slim-buster, 16-jdk-slim-buster, 16-slim-buster, 16-ea-33-jdk-slim, 16-ea-33-slim, 16-ea-jdk-slim, 16-ea-slim, 16-jdk-slim, 16-slim
+Tags: 16-ea-34-jdk-slim-buster, 16-ea-34-slim-buster, 16-ea-jdk-slim-buster, 16-ea-slim-buster, 16-jdk-slim-buster, 16-slim-buster, 16-ea-34-jdk-slim, 16-ea-34-slim, 16-ea-jdk-slim, 16-ea-slim, 16-jdk-slim, 16-slim
Architectures: amd64, arm64v8
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/slim-buster
-Tags: 16-ea-33-jdk-windowsservercore-1809, 16-ea-33-windowsservercore-1809, 16-ea-jdk-windowsservercore-1809, 16-ea-windowsservercore-1809, 16-jdk-windowsservercore-1809, 16-windowsservercore-1809
-SharedTags: 16-ea-33-jdk-windowsservercore, 16-ea-33-windowsservercore, 16-ea-jdk-windowsservercore, 16-ea-windowsservercore, 16-jdk-windowsservercore, 16-windowsservercore, 16-ea-33-jdk, 16-ea-33, 16-ea-jdk, 16-ea, 16-jdk, 16
+Tags: 16-ea-34-jdk-windowsservercore-1809, 16-ea-34-windowsservercore-1809, 16-ea-jdk-windowsservercore-1809, 16-ea-windowsservercore-1809, 16-jdk-windowsservercore-1809, 16-windowsservercore-1809
+SharedTags: 16-ea-34-jdk-windowsservercore, 16-ea-34-windowsservercore, 16-ea-jdk-windowsservercore, 16-ea-windowsservercore, 16-jdk-windowsservercore, 16-windowsservercore, 16-ea-34-jdk, 16-ea-34, 16-ea-jdk, 16-ea, 16-jdk, 16
Architectures: windows-amd64
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/windows/windowsservercore-1809
Constraints: windowsservercore-1809
-Tags: 16-ea-33-jdk-windowsservercore-ltsc2016, 16-ea-33-windowsservercore-ltsc2016, 16-ea-jdk-windowsservercore-ltsc2016, 16-ea-windowsservercore-ltsc2016, 16-jdk-windowsservercore-ltsc2016, 16-windowsservercore-ltsc2016
-SharedTags: 16-ea-33-jdk-windowsservercore, 16-ea-33-windowsservercore, 16-ea-jdk-windowsservercore, 16-ea-windowsservercore, 16-jdk-windowsservercore, 16-windowsservercore, 16-ea-33-jdk, 16-ea-33, 16-ea-jdk, 16-ea, 16-jdk, 16
+Tags: 16-ea-34-jdk-windowsservercore-ltsc2016, 16-ea-34-windowsservercore-ltsc2016, 16-ea-jdk-windowsservercore-ltsc2016, 16-ea-windowsservercore-ltsc2016, 16-jdk-windowsservercore-ltsc2016, 16-windowsservercore-ltsc2016
+SharedTags: 16-ea-34-jdk-windowsservercore, 16-ea-34-windowsservercore, 16-ea-jdk-windowsservercore, 16-ea-windowsservercore, 16-jdk-windowsservercore, 16-windowsservercore, 16-ea-34-jdk, 16-ea-34, 16-ea-jdk, 16-ea, 16-jdk, 16
Architectures: windows-amd64
-GitCommit: 3f4ad224491abfb5ea96a80cbaf4ff7f1b8d9c66
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 16/jdk/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
-Tags: 17-ea-6-jdk-buster, 17-ea-6-buster, 17-ea-jdk-buster, 17-ea-buster, 17-jdk-buster, 17-buster
+Tags: 17-ea-5-jdk-alpine3.12, 17-ea-5-alpine3.12, 17-ea-jdk-alpine3.12, 17-ea-alpine3.12, 17-jdk-alpine3.12, 17-alpine3.12
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
+Directory: 17/jdk/alpine3.12
+
+Tags: 17-ea-5-jdk-alpine3.13, 17-ea-5-alpine3.13, 17-ea-jdk-alpine3.13, 17-ea-alpine3.13, 17-jdk-alpine3.13, 17-alpine3.13, 17-ea-5-jdk-alpine, 17-ea-5-alpine, 17-ea-jdk-alpine, 17-ea-alpine, 17-jdk-alpine, 17-alpine
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
+Directory: 17/jdk/alpine3.13
+
+Tags: 17-ea-7-jdk-buster, 17-ea-7-buster, 17-ea-jdk-buster, 17-ea-buster, 17-jdk-buster, 17-buster
Architectures: amd64, arm64v8
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/buster
-Tags: 17-ea-6-jdk-nanoserver-1809, 17-ea-6-nanoserver-1809, 17-ea-jdk-nanoserver-1809, 17-ea-nanoserver-1809, 17-jdk-nanoserver-1809, 17-nanoserver-1809
-SharedTags: 17-ea-6-jdk-nanoserver, 17-ea-6-nanoserver, 17-ea-jdk-nanoserver, 17-ea-nanoserver, 17-jdk-nanoserver, 17-nanoserver
+Tags: 17-ea-7-jdk-nanoserver-1809, 17-ea-7-nanoserver-1809, 17-ea-jdk-nanoserver-1809, 17-ea-nanoserver-1809, 17-jdk-nanoserver-1809, 17-nanoserver-1809
+SharedTags: 17-ea-7-jdk-nanoserver, 17-ea-7-nanoserver, 17-ea-jdk-nanoserver, 17-ea-nanoserver, 17-jdk-nanoserver, 17-nanoserver
Architectures: windows-amd64
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/windows/nanoserver-1809
Constraints: nanoserver-1809, windowsservercore-1809
-Tags: 17-ea-6-jdk-oraclelinux7, 17-ea-6-oraclelinux7, 17-ea-jdk-oraclelinux7, 17-ea-oraclelinux7, 17-jdk-oraclelinux7, 17-oraclelinux7
+Tags: 17-ea-7-jdk-oraclelinux7, 17-ea-7-oraclelinux7, 17-ea-jdk-oraclelinux7, 17-ea-oraclelinux7, 17-jdk-oraclelinux7, 17-oraclelinux7
Architectures: amd64, arm64v8
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/oraclelinux7
-Tags: 17-ea-6-jdk-oraclelinux8, 17-ea-6-oraclelinux8, 17-ea-jdk-oraclelinux8, 17-ea-oraclelinux8, 17-jdk-oraclelinux8, 17-oraclelinux8, 17-ea-6-jdk-oracle, 17-ea-6-oracle, 17-ea-jdk-oracle, 17-ea-oracle, 17-jdk-oracle, 17-oracle
-SharedTags: 17-ea-6-jdk, 17-ea-6, 17-ea-jdk, 17-ea, 17-jdk, 17
+Tags: 17-ea-7-jdk-oraclelinux8, 17-ea-7-oraclelinux8, 17-ea-jdk-oraclelinux8, 17-ea-oraclelinux8, 17-jdk-oraclelinux8, 17-oraclelinux8, 17-ea-7-jdk-oracle, 17-ea-7-oracle, 17-ea-jdk-oracle, 17-ea-oracle, 17-jdk-oracle, 17-oracle
+SharedTags: 17-ea-7-jdk, 17-ea-7, 17-ea-jdk, 17-ea, 17-jdk, 17
Architectures: amd64, arm64v8
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/oraclelinux8
-Tags: 17-ea-6-jdk-slim-buster, 17-ea-6-slim-buster, 17-ea-jdk-slim-buster, 17-ea-slim-buster, 17-jdk-slim-buster, 17-slim-buster, 17-ea-6-jdk-slim, 17-ea-6-slim, 17-ea-jdk-slim, 17-ea-slim, 17-jdk-slim, 17-slim
+Tags: 17-ea-7-jdk-slim-buster, 17-ea-7-slim-buster, 17-ea-jdk-slim-buster, 17-ea-slim-buster, 17-jdk-slim-buster, 17-slim-buster, 17-ea-7-jdk-slim, 17-ea-7-slim, 17-ea-jdk-slim, 17-ea-slim, 17-jdk-slim, 17-slim
Architectures: amd64, arm64v8
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/slim-buster
-Tags: 17-ea-6-jdk-windowsservercore-1809, 17-ea-6-windowsservercore-1809, 17-ea-jdk-windowsservercore-1809, 17-ea-windowsservercore-1809, 17-jdk-windowsservercore-1809, 17-windowsservercore-1809
-SharedTags: 17-ea-6-jdk-windowsservercore, 17-ea-6-windowsservercore, 17-ea-jdk-windowsservercore, 17-ea-windowsservercore, 17-jdk-windowsservercore, 17-windowsservercore, 17-ea-6-jdk, 17-ea-6, 17-ea-jdk, 17-ea, 17-jdk, 17
+Tags: 17-ea-7-jdk-windowsservercore-1809, 17-ea-7-windowsservercore-1809, 17-ea-jdk-windowsservercore-1809, 17-ea-windowsservercore-1809, 17-jdk-windowsservercore-1809, 17-windowsservercore-1809
+SharedTags: 17-ea-7-jdk-windowsservercore, 17-ea-7-windowsservercore, 17-ea-jdk-windowsservercore, 17-ea-windowsservercore, 17-jdk-windowsservercore, 17-windowsservercore, 17-ea-7-jdk, 17-ea-7, 17-ea-jdk, 17-ea, 17-jdk, 17
Architectures: windows-amd64
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/windows/windowsservercore-1809
Constraints: windowsservercore-1809
-Tags: 17-ea-6-jdk-windowsservercore-ltsc2016, 17-ea-6-windowsservercore-ltsc2016, 17-ea-jdk-windowsservercore-ltsc2016, 17-ea-windowsservercore-ltsc2016, 17-jdk-windowsservercore-ltsc2016, 17-windowsservercore-ltsc2016
-SharedTags: 17-ea-6-jdk-windowsservercore, 17-ea-6-windowsservercore, 17-ea-jdk-windowsservercore, 17-ea-windowsservercore, 17-jdk-windowsservercore, 17-windowsservercore, 17-ea-6-jdk, 17-ea-6, 17-ea-jdk, 17-ea, 17-jdk, 17
+Tags: 17-ea-7-jdk-windowsservercore-ltsc2016, 17-ea-7-windowsservercore-ltsc2016, 17-ea-jdk-windowsservercore-ltsc2016, 17-ea-windowsservercore-ltsc2016, 17-jdk-windowsservercore-ltsc2016, 17-windowsservercore-ltsc2016
+SharedTags: 17-ea-7-jdk-windowsservercore, 17-ea-7-windowsservercore, 17-ea-jdk-windowsservercore, 17-ea-windowsservercore, 17-jdk-windowsservercore, 17-windowsservercore, 17-ea-7-jdk, 17-ea-7, 17-ea-jdk, 17-ea, 17-jdk, 17
Architectures: windows-amd64
-GitCommit: 64557ee2ad82aeaae093ac069b7212cd4a0ea987
+GitCommit: 3fec00485b8448f6a9a4c150ad8a770306ca6814
Directory: 17/jdk/windows/windowsservercore-ltsc2016
Constraints: windowsservercore-ltsc2016
diff --git a/_bashbrew-list b/_bashbrew-list
index c96d74c..343534b 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -238,42 +238,47 @@ openjdk:15.0.2-windowsservercore-ltsc2016
openjdk:16
openjdk:16-alpine
openjdk:16-alpine3.12
+openjdk:16-alpine3.13
openjdk:16-buster
openjdk:16-ea
openjdk:16-ea-32-alpine
openjdk:16-ea-32-alpine3.12
+openjdk:16-ea-32-alpine3.13
openjdk:16-ea-32-jdk-alpine
openjdk:16-ea-32-jdk-alpine3.12
-openjdk:16-ea-33
-openjdk:16-ea-33-buster
-openjdk:16-ea-33-jdk
-openjdk:16-ea-33-jdk-buster
-openjdk:16-ea-33-jdk-nanoserver
-openjdk:16-ea-33-jdk-nanoserver-1809
-openjdk:16-ea-33-jdk-oracle
-openjdk:16-ea-33-jdk-oraclelinux7
-openjdk:16-ea-33-jdk-oraclelinux8
-openjdk:16-ea-33-jdk-slim
-openjdk:16-ea-33-jdk-slim-buster
-openjdk:16-ea-33-jdk-windowsservercore
-openjdk:16-ea-33-jdk-windowsservercore-1809
-openjdk:16-ea-33-jdk-windowsservercore-ltsc2016
-openjdk:16-ea-33-nanoserver
-openjdk:16-ea-33-nanoserver-1809
-openjdk:16-ea-33-oracle
-openjdk:16-ea-33-oraclelinux7
-openjdk:16-ea-33-oraclelinux8
-openjdk:16-ea-33-slim
-openjdk:16-ea-33-slim-buster
-openjdk:16-ea-33-windowsservercore
-openjdk:16-ea-33-windowsservercore-1809
-openjdk:16-ea-33-windowsservercore-ltsc2016
+openjdk:16-ea-32-jdk-alpine3.13
+openjdk:16-ea-34
+openjdk:16-ea-34-buster
+openjdk:16-ea-34-jdk
+openjdk:16-ea-34-jdk-buster
+openjdk:16-ea-34-jdk-nanoserver
+openjdk:16-ea-34-jdk-nanoserver-1809
+openjdk:16-ea-34-jdk-oracle
+openjdk:16-ea-34-jdk-oraclelinux7
+openjdk:16-ea-34-jdk-oraclelinux8
+openjdk:16-ea-34-jdk-slim
+openjdk:16-ea-34-jdk-slim-buster
+openjdk:16-ea-34-jdk-windowsservercore
+openjdk:16-ea-34-jdk-windowsservercore-1809
+openjdk:16-ea-34-jdk-windowsservercore-ltsc2016
+openjdk:16-ea-34-nanoserver
+openjdk:16-ea-34-nanoserver-1809
+openjdk:16-ea-34-oracle
+openjdk:16-ea-34-oraclelinux7
+openjdk:16-ea-34-oraclelinux8
+openjdk:16-ea-34-slim
+openjdk:16-ea-34-slim-buster
+openjdk:16-ea-34-windowsservercore
+openjdk:16-ea-34-windowsservercore-1809
+openjdk:16-ea-34-windowsservercore-ltsc2016
openjdk:16-ea-alpine
openjdk:16-ea-alpine3.12
+openjdk:16-ea-alpine3.13
openjdk:16-ea-buster
openjdk:16-ea-jdk
openjdk:16-ea-jdk-alpine
openjdk:16-ea-jdk-alpine3.12
+openjdk:16-ea-jdk-alpine3.13
openjdk:16-ea-jdk-buster
openjdk:16-ea-jdk-nanoserver
openjdk:16-ea-jdk-nanoserver-1809
@@ -298,6 +303,7 @@ openjdk:16-ea-windowsservercore-ltsc2016
openjdk:16-jdk
openjdk:16-jdk-alpine
openjdk:16-jdk-alpine3.12
+openjdk:16-jdk-alpine3.13
openjdk:16-jdk-buster
openjdk:16-jdk-nanoserver
openjdk:16-jdk-nanoserver-1809
@@ -320,34 +326,49 @@ openjdk:16-windowsservercore
openjdk:16-windowsservercore-1809
openjdk:16-windowsservercore-ltsc2016
openjdk:17
+openjdk:17-alpine
+openjdk:17-alpine3.12
+openjdk:17-alpine3.13
openjdk:17-buster
openjdk:17-ea
-openjdk:17-ea-6
-openjdk:17-ea-6-buster
-openjdk:17-ea-6-jdk
-openjdk:17-ea-6-jdk-buster
-openjdk:17-ea-6-jdk-nanoserver
-openjdk:17-ea-6-jdk-nanoserver-1809
-openjdk:17-ea-6-jdk-oracle
-openjdk:17-ea-6-jdk-oraclelinux7
-openjdk:17-ea-6-jdk-oraclelinux8
-openjdk:17-ea-6-jdk-slim
-openjdk:17-ea-6-jdk-slim-buster
-openjdk:17-ea-6-jdk-windowsservercore
-openjdk:17-ea-6-jdk-windowsservercore-1809
-openjdk:17-ea-6-jdk-windowsservercore-ltsc2016
-openjdk:17-ea-6-nanoserver
-openjdk:17-ea-6-nanoserver-1809
-openjdk:17-ea-6-oracle
-openjdk:17-ea-6-oraclelinux7
-openjdk:17-ea-6-oraclelinux8
-openjdk:17-ea-6-slim
-openjdk:17-ea-6-slim-buster
-openjdk:17-ea-6-windowsservercore
-openjdk:17-ea-6-windowsservercore-1809
-openjdk:17-ea-6-windowsservercore-ltsc2016
+openjdk:17-ea-5-alpine
+openjdk:17-ea-5-alpine3.12
+openjdk:17-ea-5-alpine3.13
+openjdk:17-ea-5-jdk-alpine
+openjdk:17-ea-5-jdk-alpine3.12
+openjdk:17-ea-5-jdk-alpine3.13
+openjdk:17-ea-7
+openjdk:17-ea-7-buster
+openjdk:17-ea-7-jdk
+openjdk:17-ea-7-jdk-buster
+openjdk:17-ea-7-jdk-nanoserver
+openjdk:17-ea-7-jdk-nanoserver-1809
+openjdk:17-ea-7-jdk-oracle
+openjdk:17-ea-7-jdk-oraclelinux7
+openjdk:17-ea-7-jdk-oraclelinux8
+openjdk:17-ea-7-jdk-slim
+openjdk:17-ea-7-jdk-slim-buster
+openjdk:17-ea-7-jdk-windowsservercore
+openjdk:17-ea-7-jdk-windowsservercore-1809
+openjdk:17-ea-7-jdk-windowsservercore-ltsc2016
+openjdk:17-ea-7-nanoserver
+openjdk:17-ea-7-nanoserver-1809
+openjdk:17-ea-7-oracle
+openjdk:17-ea-7-oraclelinux7
+openjdk:17-ea-7-oraclelinux8
+openjdk:17-ea-7-slim
+openjdk:17-ea-7-slim-buster
+openjdk:17-ea-7-windowsservercore
+openjdk:17-ea-7-windowsservercore-1809
+openjdk:17-ea-7-windowsservercore-ltsc2016
+openjdk:17-ea-alpine
+openjdk:17-ea-alpine3.12
+openjdk:17-ea-alpine3.13
openjdk:17-ea-buster
openjdk:17-ea-jdk
+openjdk:17-ea-jdk-alpine
+openjdk:17-ea-jdk-alpine3.12
+openjdk:17-ea-jdk-alpine3.13
openjdk:17-ea-jdk-buster
openjdk:17-ea-jdk-nanoserver
openjdk:17-ea-jdk-nanoserver-1809
@@ -370,6 +391,9 @@ openjdk:17-ea-windowsservercore
openjdk:17-ea-windowsservercore-1809
openjdk:17-ea-windowsservercore-ltsc2016
openjdk:17-jdk
+openjdk:17-jdk-alpine
+openjdk:17-jdk-alpine3.12
+openjdk:17-jdk-alpine3.13
openjdk:17-jdk-buster
openjdk:17-jdk-nanoserver
openjdk:17-jdk-nanoserver-1809
diff --git a/openjdk_11-buster/Dockerfile b/openjdk_11-buster/Dockerfile
index b89fbbc..51a4ca6 100644
--- a/openjdk_11-buster/Dockerfile
+++ b/openjdk_11-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-scm
RUN set -eux; \
@@ -7,24 +13,22 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-11
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -43,26 +47,27 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'arm64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -80,8 +85,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
# http://rabexc.org/posts/certificates-not-working-java#comment-4099504075
@@ -90,11 +93,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
@@ -103,6 +102,10 @@ RUN set -eux; \
find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \
ldconfig; \
\
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
+ \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_11-jre-buster/Dockerfile b/openjdk_11-jre-buster/Dockerfile
index 07d0732..a3a4892 100644
--- a/openjdk_11-jre-buster/Dockerfile
+++ b/openjdk_11-jre-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-curl
RUN set -eux; \
@@ -7,24 +13,22 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-11
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -43,26 +47,27 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'arm64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -80,8 +85,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
# http://rabexc.org/posts/certificates-not-working-java#comment-4099504075
@@ -90,11 +93,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
@@ -103,5 +102,9 @@ RUN set -eux; \
find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \
ldconfig; \
\
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
+ \
# basic smoke test
java --version
diff --git a/openjdk_11-jre-nanoserver-1809/Dockerfile b/openjdk_11-jre-nanoserver-1809/Dockerfile
index ad04fbd..4b00e8a 100644
--- a/openjdk_11-jre-nanoserver-1809/Dockerfile
+++ b/openjdk_11-jre-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,7 +12,8 @@ ENV JAVA_HOME C:\\openjdk-11
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://adoptopenjdk.net/upstream.html
@@ -26,4 +33,5 @@ ENV JAVA_VERSION 11.0.10
COPY --from=openjdk:11.0.10-jre-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
- && echo java --version && java --version
+ && echo java --version && java --version \
+ && echo Complete.
diff --git a/openjdk_11-jre-slim/Dockerfile b/openjdk_11-jre-slim/Dockerfile
index 6edfec2..da1d3a6 100644
--- a/openjdk_11-jre-slim/Dockerfile
+++ b/openjdk_11-jre-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,14 +14,12 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-11
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -34,13 +38,13 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'arm64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jre_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -53,16 +57,17 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -80,8 +85,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
@@ -94,11 +97,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
@@ -107,5 +106,9 @@ RUN set -eux; \
find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \
ldconfig; \
\
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
+ \
# basic smoke test
java --version
diff --git a/openjdk_11-jre-windowsservercore-1809/Dockerfile b/openjdk_11-jre-windowsservercore-1809/Dockerfile
index 2a3645f..57e5261 100644
--- a/openjdk_11-jre-windowsservercore-1809/Dockerfile
+++ b/openjdk_11-jre-windowsservercore-1809/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-11
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_11-jre-windowsservercore-ltsc2016/Dockerfile b/openjdk_11-jre-windowsservercore-ltsc2016/Dockerfile
index afe09e8..3f083f6 100644
--- a/openjdk_11-jre-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_11-jre-windowsservercore-ltsc2016/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-11
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_11-nanoserver-1809/Dockerfile b/openjdk_11-nanoserver-1809/Dockerfile
index 8c9d3f8..2044261 100644
--- a/openjdk_11-nanoserver-1809/Dockerfile
+++ b/openjdk_11-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,7 +12,8 @@ ENV JAVA_HOME C:\\openjdk-11
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://adoptopenjdk.net/upstream.html
@@ -27,7 +34,8 @@ COPY --from=openjdk:11.0.10-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
&& echo javac --version && javac --version \
- && echo java --version && java --version
+ && echo java --version && java --version \
+ && echo Complete.
# "jshell" is an interactive REPL for Java (see https://en.wikipedia.org/wiki/JShell)
CMD ["jshell"]
diff --git a/openjdk_11-oracle/Dockerfile b/openjdk_11-oracle/Dockerfile
index 6241947..2b46b14 100644
--- a/openjdk_11-oracle/Dockerfile
+++ b/openjdk_11-oracle/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:8-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
microdnf clean all
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-11
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
# https://adoptopenjdk.net/upstream.html
# >
# > What are these binaries?
@@ -36,20 +42,19 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'i386:x86-64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'aarch64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
curl -fL -o openjdk.tgz "$downloadUrl"; \
+ curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
@@ -75,7 +80,9 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -86,12 +93,9 @@ RUN set -eux; \
alternatives --install "/usr/bin/$base" "$base" "$bin" 20000; \
done; \
\
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done; \
- if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi; \
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$cacertsFile"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$cacertsFile"; \
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
\
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
diff --git a/openjdk_11-oraclelinux7/Dockerfile b/openjdk_11-oraclelinux7/Dockerfile
index 5f6b918..c855e62 100644
--- a/openjdk_11-oraclelinux7/Dockerfile
+++ b/openjdk_11-oraclelinux7/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:7-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
rm -rf /var/cache/yum
-# Default to UTF-8 file.encoding
-ENV LANG en_US.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-11
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG en_US.UTF-8
+
# https://adoptopenjdk.net/upstream.html
# >
# > What are these binaries?
@@ -36,20 +42,19 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'i386:x86-64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'aarch64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
curl -fL -o openjdk.tgz "$downloadUrl"; \
+ curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
@@ -75,7 +80,9 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -86,12 +93,9 @@ RUN set -eux; \
alternatives --install "/usr/bin/$base" "$base" "$bin" 20000; \
done; \
\
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done; \
- if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi; \
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$cacertsFile"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$cacertsFile"; \
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
\
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
diff --git a/openjdk_11-slim/Dockerfile b/openjdk_11-slim/Dockerfile
index deab0f8..95c8963 100644
--- a/openjdk_11-slim/Dockerfile
+++ b/openjdk_11-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,14 +14,12 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-11
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -34,13 +38,13 @@ ENV JAVA_VERSION 11.0.10
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz ;; \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_x64_linux_11.0.10_9.tar.gz'; \
+ ;; \
+ 'arm64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk11-upstream-binaries/releases/download/jdk-11.0.10%2B9/OpenJDK11U-jdk_aarch64_linux_11.0.10_9.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -53,16 +57,17 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -80,8 +85,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
@@ -94,11 +97,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
@@ -107,6 +106,10 @@ RUN set -eux; \
find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \
ldconfig; \
\
+# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
+# https://openjdk.java.net/jeps/341
+ java -Xshare:dump; \
+ \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_11-windowsservercore-1809/Dockerfile b/openjdk_11-windowsservercore-1809/Dockerfile
index ed03e4d..ef3410d 100644
--- a/openjdk_11-windowsservercore-1809/Dockerfile
+++ b/openjdk_11-windowsservercore-1809/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-11
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_11-windowsservercore-ltsc2016/Dockerfile b/openjdk_11-windowsservercore-ltsc2016/Dockerfile
index ef94333..9f15b8f 100644
--- a/openjdk_11-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_11-windowsservercore-ltsc2016/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-11
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_16-alpine/Dockerfile b/openjdk_16-alpine/Dockerfile
index db71a6a..44ba9bd 100644
--- a/openjdk_16-alpine/Dockerfile
+++ b/openjdk_16-alpine/Dockerfile
@@ -1,4 +1,10 @@
-FROM alpine:3.12
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.13
RUN apk add --no-cache java-cacerts
@@ -15,14 +21,11 @@ ENV JAVA_VERSION 16-ea+32
RUN set -eux; \
\
arch="$(apk --print-arch)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- x86_64) \
- downloadUrl=https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz; \
- downloadSha256=f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985; \
+ 'x86_64') \
+ downloadUrl='https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz'; \
+ downloadSha256='f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -36,10 +39,10 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
-# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
ln -sT /etc/ssl/certs/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
diff --git a/openjdk_16-alpine/Dockerfile b/openjdk_16-alpine3.12/Dockerfile
similarity index 79%
copy from openjdk_16-alpine/Dockerfile
copy to openjdk_16-alpine3.12/Dockerfile
index db71a6a..4862b81 100644
--- a/openjdk_16-alpine/Dockerfile
+++ b/openjdk_16-alpine3.12/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.12
RUN apk add --no-cache java-cacerts
@@ -15,14 +21,11 @@ ENV JAVA_VERSION 16-ea+32
RUN set -eux; \
\
arch="$(apk --print-arch)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- x86_64) \
- downloadUrl=https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz; \
- downloadSha256=f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985; \
+ 'x86_64') \
+ downloadUrl='https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz'; \
+ downloadSha256='f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -36,10 +39,10 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
-# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
ln -sT /etc/ssl/certs/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
diff --git a/openjdk_16-buster/Dockerfile b/openjdk_16-buster/Dockerfile
index 54deaf3..2754dcb 100644
--- a/openjdk_16-buster/Dockerfile
+++ b/openjdk_16-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-scm
RUN set -eux; \
@@ -7,54 +13,48 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# jlink --strip-debug on 13+ needs objcopy: https://github.com/docker-library/openjdk/issues/351
# Error: java.io.IOException: Cannot run program "objcopy": error=2, No such file or directory
binutils \
+ \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-16
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
+ENV JAVA_VERSION 16-ea+34
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-aarch64_bin.tar.gz; \
- downloadSha256=1da1b96306a0ede9e1c7b4284772b5de3c9f8f08f895e082f561f5f3c86ea3be; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-x64_bin.tar.gz'; \
+ downloadSha256='11fd069e3a17a17268b9bb0c8bfd440016af686acfe8d3a4bfd71381fbce22dc'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-x64_bin.tar.gz; \
- downloadSha256=ba2ac6ccca898cd63090d768b89a95fba76b6303a55c41e851d75dd0c5afcee8; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='9c294a8b7c440c45968fc16d3aa3261be71b00a7fad22b7aafa2a7b7381e5f2c'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -64,7 +64,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
@@ -74,11 +74,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_16-nanoserver-1809/Dockerfile b/openjdk_16-nanoserver-1809/Dockerfile
index bf03406..7747465 100644
--- a/openjdk_16-nanoserver-1809/Dockerfile
+++ b/openjdk_16-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,20 +12,22 @@ ENV JAVA_HOME C:\\openjdk-16
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
+ENV JAVA_VERSION 16-ea+34
-COPY --from=openjdk:16-ea-33-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
+COPY --from=openjdk:16-ea-34-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
&& echo javac --version && javac --version \
- && echo java --version && java --version
+ && echo java --version && java --version \
+ && echo Complete.
# "jshell" is an interactive REPL for Java (see https://en.wikipedia.org/wiki/JShell)
CMD ["jshell"]
diff --git a/openjdk_16-oracle/Dockerfile b/openjdk_16-oracle/Dockerfile
index 5a913d1..7dbac3f 100644
--- a/openjdk_16-oracle/Dockerfile
+++ b/openjdk_16-oracle/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:8-slim
RUN set -eux; \
@@ -14,35 +20,30 @@ RUN set -eux; \
; \
microdnf clean all
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-16
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
+ENV JAVA_VERSION 16-ea+34
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-aarch64_bin.tar.gz; \
- downloadSha256=1da1b96306a0ede9e1c7b4284772b5de3c9f8f08f895e082f561f5f3c86ea3be; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-x64_bin.tar.gz'; \
+ downloadSha256='11fd069e3a17a17268b9bb0c8bfd440016af686acfe8d3a4bfd71381fbce22dc'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-x64_bin.tar.gz; \
- downloadSha256=ba2ac6ccca898cd63090d768b89a95fba76b6303a55c41e851d75dd0c5afcee8; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='9c294a8b7c440c45968fc16d3aa3261be71b00a7fad22b7aafa2a7b7381e5f2c'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_16-oraclelinux7/Dockerfile b/openjdk_16-oraclelinux7/Dockerfile
index d4a2433..6e114b2 100644
--- a/openjdk_16-oraclelinux7/Dockerfile
+++ b/openjdk_16-oraclelinux7/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:7-slim
RUN set -eux; \
@@ -14,35 +20,30 @@ RUN set -eux; \
; \
rm -rf /var/cache/yum
-# Default to UTF-8 file.encoding
-ENV LANG en_US.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-16
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG en_US.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
+ENV JAVA_VERSION 16-ea+34
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-aarch64_bin.tar.gz; \
- downloadSha256=1da1b96306a0ede9e1c7b4284772b5de3c9f8f08f895e082f561f5f3c86ea3be; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-x64_bin.tar.gz'; \
+ downloadSha256='11fd069e3a17a17268b9bb0c8bfd440016af686acfe8d3a4bfd71381fbce22dc'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-x64_bin.tar.gz; \
- downloadSha256=ba2ac6ccca898cd63090d768b89a95fba76b6303a55c41e851d75dd0c5afcee8; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='9c294a8b7c440c45968fc16d3aa3261be71b00a7fad22b7aafa2a7b7381e5f2c'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_16-slim/Dockerfile b/openjdk_16-slim/Dockerfile
index 06d3668..d8a0869 100644
--- a/openjdk_16-slim/Dockerfile
+++ b/openjdk_16-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,37 +14,30 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-16
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
+ENV JAVA_VERSION 16-ea+34
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-aarch64_bin.tar.gz; \
- downloadSha256=1da1b96306a0ede9e1c7b4284772b5de3c9f8f08f895e082f561f5f3c86ea3be; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-x64_bin.tar.gz'; \
+ downloadSha256='11fd069e3a17a17268b9bb0c8bfd440016af686acfe8d3a4bfd71381fbce22dc'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_linux-x64_bin.tar.gz; \
- downloadSha256=ba2ac6ccca898cd63090d768b89a95fba76b6303a55c41e851d75dd0c5afcee8; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='9c294a8b7c440c45968fc16d3aa3261be71b00a7fad22b7aafa2a7b7381e5f2c'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -49,7 +48,7 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -59,7 +58,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
@@ -73,11 +72,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_16-windowsservercore-1809/Dockerfile b/openjdk_16-windowsservercore-1809/Dockerfile
index 8144556..70b4ebd 100644
--- a/openjdk_16-windowsservercore-1809/Dockerfile
+++ b/openjdk_16-windowsservercore-1809/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,21 +20,22 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-16
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
-ENV JAVA_URL https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_windows-x64_bin.zip
-ENV JAVA_SHA256 b1f3c41d34eb15946fe1fe5793ed38705a41d6b76612319913be9d677ad0b24c
+ENV JAVA_VERSION 16-ea+34
+ENV JAVA_URL https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_windows-x64_bin.zip
+ENV JAVA_SHA256 3a3a6d963036a20df0ce9ed0a0e9eae6ea27ca34279d9f1960390d3cc56b0f0e
RUN Write-Host ('Downloading {0} ...' -f $env:JAVA_URL); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
diff --git a/openjdk_16-windowsservercore-ltsc2016/Dockerfile b/openjdk_16-windowsservercore-ltsc2016/Dockerfile
index e8e63aa..cff85b7 100644
--- a/openjdk_16-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_16-windowsservercore-ltsc2016/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,21 +20,22 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-16
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+33
-ENV JAVA_URL https://download.java.net/java/early_access/jdk16/33/GPL/openjdk-16-ea+33_windows-x64_bin.zip
-ENV JAVA_SHA256 b1f3c41d34eb15946fe1fe5793ed38705a41d6b76612319913be9d677ad0b24c
+ENV JAVA_VERSION 16-ea+34
+ENV JAVA_URL https://download.java.net/java/early_access/jdk16/34/GPL/openjdk-16-ea+34_windows-x64_bin.zip
+ENV JAVA_SHA256 3a3a6d963036a20df0ce9ed0a0e9eae6ea27ca34279d9f1960390d3cc56b0f0e
RUN Write-Host ('Downloading {0} ...' -f $env:JAVA_URL); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
diff --git a/openjdk_16-alpine/Dockerfile b/openjdk_17-alpine/Dockerfile
similarity index 75%
copy from openjdk_16-alpine/Dockerfile
copy to openjdk_17-alpine/Dockerfile
index db71a6a..73022fc 100644
--- a/openjdk_16-alpine/Dockerfile
+++ b/openjdk_17-alpine/Dockerfile
@@ -1,28 +1,31 @@
-FROM alpine:3.12
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.13
RUN apk add --no-cache java-cacerts
-ENV JAVA_HOME /opt/openjdk-16
+ENV JAVA_HOME /opt/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+32
+ENV JAVA_VERSION 17-ea+5
# "For Alpine Linux, builds are produced on a reduced schedule and may not be in sync with the other platforms."
RUN set -eux; \
\
arch="$(apk --print-arch)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- x86_64) \
- downloadUrl=https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz; \
- downloadSha256=f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985; \
+ 'x86_64') \
+ downloadUrl='https://download.java.net/java/early_access/alpine/5/binaries/openjdk-17-ea+5_linux-x64-musl_bin.tar.gz'; \
+ downloadSha256='709daae3577453dba8e4ea03e8b52daeb11370648d2da1d012df527556c0cda2'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -36,10 +39,10 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
-# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
ln -sT /etc/ssl/certs/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
diff --git a/openjdk_16-alpine/Dockerfile b/openjdk_17-alpine3.12/Dockerfile
similarity index 76%
copy from openjdk_16-alpine/Dockerfile
copy to openjdk_17-alpine3.12/Dockerfile
index db71a6a..899d4ce 100644
--- a/openjdk_16-alpine/Dockerfile
+++ b/openjdk_17-alpine3.12/Dockerfile
@@ -1,28 +1,31 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.12
RUN apk add --no-cache java-cacerts
-ENV JAVA_HOME /opt/openjdk-16
+ENV JAVA_HOME /opt/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 16-ea+32
+ENV JAVA_VERSION 17-ea+5
# "For Alpine Linux, builds are produced on a reduced schedule and may not be in sync with the other platforms."
RUN set -eux; \
\
arch="$(apk --print-arch)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- x86_64) \
- downloadUrl=https://download.java.net/java/early_access/alpine/32/binaries/openjdk-16-ea+32_linux-x64-musl_bin.tar.gz; \
- downloadSha256=f9ec3071fdea08ca5be7b149d6c2f2689814e3ee86ee15b7981f5eed76280985; \
+ 'x86_64') \
+ downloadUrl='https://download.java.net/java/early_access/alpine/5/binaries/openjdk-17-ea+5_linux-x64-musl_bin.tar.gz'; \
+ downloadSha256='709daae3577453dba8e4ea03e8b52daeb11370648d2da1d012df527556c0cda2'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -36,10 +39,10 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
-# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "java-cacerts" package installed above (which maintains "/etc/ssl/certs/java/cacerts" for us)
ln -sT /etc/ssl/certs/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840
diff --git a/openjdk_17-buster/Dockerfile b/openjdk_17-buster/Dockerfile
index 2da350f..901f892 100644
--- a/openjdk_17-buster/Dockerfile
+++ b/openjdk_17-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-scm
RUN set -eux; \
@@ -7,54 +13,48 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# jlink --strip-debug on 13+ needs objcopy: https://github.com/docker-library/openjdk/issues/351
# Error: java.io.IOException: Cannot run program "objcopy": error=2, No such file or directory
binutils \
+ \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
+ENV JAVA_VERSION 17-ea+7
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-aarch64_bin.tar.gz; \
- downloadSha256=fc7ad87123841b528112c6fa94883b28dc3bb0ea174d3a3795fe2c2873a68f6f; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-x64_bin.tar.gz'; \
+ downloadSha256='0e340613945c78b2eb714ba0850604a1a80a9678ba0e8d81f66629c0ca2c36b1'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-x64_bin.tar.gz; \
- downloadSha256=f9082a010d2be7b1a1b462d86345d797f311bde30ddf2ccefe7e718ec49de334; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='f3f80fc9b41cfddd89d263ae66c0f514aaeb3db2eadd6c9bf3c31e1b2cdcf44e'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -64,7 +64,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
@@ -74,11 +74,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_17-nanoserver-1809/Dockerfile b/openjdk_17-nanoserver-1809/Dockerfile
index 37546c8..63b9e68 100644
--- a/openjdk_17-nanoserver-1809/Dockerfile
+++ b/openjdk_17-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,20 +12,22 @@ ENV JAVA_HOME C:\\openjdk-17
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
+ENV JAVA_VERSION 17-ea+7
-COPY --from=openjdk:17-ea-6-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
+COPY --from=openjdk:17-ea-7-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
&& echo javac --version && javac --version \
- && echo java --version && java --version
+ && echo java --version && java --version \
+ && echo Complete.
# "jshell" is an interactive REPL for Java (see https://en.wikipedia.org/wiki/JShell)
CMD ["jshell"]
diff --git a/openjdk_17-oracle/Dockerfile b/openjdk_17-oracle/Dockerfile
index e69a795..a6ab25f 100644
--- a/openjdk_17-oracle/Dockerfile
+++ b/openjdk_17-oracle/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:8-slim
RUN set -eux; \
@@ -14,35 +20,30 @@ RUN set -eux; \
; \
microdnf clean all
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
+ENV JAVA_VERSION 17-ea+7
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-aarch64_bin.tar.gz; \
- downloadSha256=fc7ad87123841b528112c6fa94883b28dc3bb0ea174d3a3795fe2c2873a68f6f; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-x64_bin.tar.gz'; \
+ downloadSha256='0e340613945c78b2eb714ba0850604a1a80a9678ba0e8d81f66629c0ca2c36b1'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-x64_bin.tar.gz; \
- downloadSha256=f9082a010d2be7b1a1b462d86345d797f311bde30ddf2ccefe7e718ec49de334; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='f3f80fc9b41cfddd89d263ae66c0f514aaeb3db2eadd6c9bf3c31e1b2cdcf44e'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_17-oraclelinux7/Dockerfile b/openjdk_17-oraclelinux7/Dockerfile
index 0974f59..cd886f8 100644
--- a/openjdk_17-oraclelinux7/Dockerfile
+++ b/openjdk_17-oraclelinux7/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:7-slim
RUN set -eux; \
@@ -14,35 +20,30 @@ RUN set -eux; \
; \
rm -rf /var/cache/yum
-# Default to UTF-8 file.encoding
-ENV LANG en_US.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG en_US.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
+ENV JAVA_VERSION 17-ea+7
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-aarch64_bin.tar.gz; \
- downloadSha256=fc7ad87123841b528112c6fa94883b28dc3bb0ea174d3a3795fe2c2873a68f6f; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-x64_bin.tar.gz'; \
+ downloadSha256='0e340613945c78b2eb714ba0850604a1a80a9678ba0e8d81f66629c0ca2c36b1'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-x64_bin.tar.gz; \
- downloadSha256=f9082a010d2be7b1a1b462d86345d797f311bde30ddf2ccefe7e718ec49de334; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='f3f80fc9b41cfddd89d263ae66c0f514aaeb3db2eadd6c9bf3c31e1b2cdcf44e'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_17-slim/Dockerfile b/openjdk_17-slim/Dockerfile
index c1fcd47..85050c8 100644
--- a/openjdk_17-slim/Dockerfile
+++ b/openjdk_17-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,37 +14,30 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-17
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
+ENV JAVA_VERSION 17-ea+7
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-aarch64_bin.tar.gz; \
- downloadSha256=fc7ad87123841b528112c6fa94883b28dc3bb0ea174d3a3795fe2c2873a68f6f; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-x64_bin.tar.gz'; \
+ downloadSha256='0e340613945c78b2eb714ba0850604a1a80a9678ba0e8d81f66629c0ca2c36b1'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_linux-x64_bin.tar.gz; \
- downloadSha256=f9082a010d2be7b1a1b462d86345d797f311bde30ddf2ccefe7e718ec49de334; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='f3f80fc9b41cfddd89d263ae66c0f514aaeb3db2eadd6c9bf3c31e1b2cdcf44e'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -49,7 +48,7 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -59,7 +58,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
@@ -73,11 +72,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_17-windowsservercore-1809/Dockerfile b/openjdk_17-windowsservercore-1809/Dockerfile
index 2b8a6c8..7cb1ae1 100644
--- a/openjdk_17-windowsservercore-1809/Dockerfile
+++ b/openjdk_17-windowsservercore-1809/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,21 +20,22 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-17
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
-ENV JAVA_URL https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_windows-x64_bin.zip
-ENV JAVA_SHA256 092515916b17daf4049c14e69c0505a18150be4896e190d82c68aa962275feaa
+ENV JAVA_VERSION 17-ea+7
+ENV JAVA_URL https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_windows-x64_bin.zip
+ENV JAVA_SHA256 7fa795be0deebf36bbf21b5775a7aae0a671642dd431b0b068a9db3e6f8306e0
RUN Write-Host ('Downloading {0} ...' -f $env:JAVA_URL); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
diff --git a/openjdk_17-windowsservercore-ltsc2016/Dockerfile b/openjdk_17-windowsservercore-ltsc2016/Dockerfile
index 9b519a3..6972bd3 100644
--- a/openjdk_17-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_17-windowsservercore-ltsc2016/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,21 +20,22 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-17
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
-ENV JAVA_VERSION 17-ea+6
-ENV JAVA_URL https://download.java.net/java/early_access/jdk17/6/GPL/openjdk-17-ea+6_windows-x64_bin.zip
-ENV JAVA_SHA256 092515916b17daf4049c14e69c0505a18150be4896e190d82c68aa962275feaa
+ENV JAVA_VERSION 17-ea+7
+ENV JAVA_URL https://download.java.net/java/early_access/jdk17/7/GPL/openjdk-17-ea+7_windows-x64_bin.zip
+ENV JAVA_SHA256 7fa795be0deebf36bbf21b5775a7aae0a671642dd431b0b068a9db3e6f8306e0
RUN Write-Host ('Downloading {0} ...' -f $env:JAVA_URL); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
diff --git a/openjdk_8-buster/Dockerfile b/openjdk_8-buster/Dockerfile
index d199ed1..d8e7bf6 100644
--- a/openjdk_8-buster/Dockerfile
+++ b/openjdk_8-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-scm
RUN set -eux; \
@@ -7,24 +13,22 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-8
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -43,24 +47,24 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -78,8 +82,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
# http://rabexc.org/posts/certificates-not-working-java#comment-4099504075
@@ -88,11 +90,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/jre/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_8-jre-buster/Dockerfile b/openjdk_8-jre-buster/Dockerfile
index 0154949..55c0175 100644
--- a/openjdk_8-jre-buster/Dockerfile
+++ b/openjdk_8-jre-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-curl
RUN set -eux; \
@@ -7,24 +13,22 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-8
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -43,24 +47,24 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jre_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jre_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -78,8 +82,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
# http://rabexc.org/posts/certificates-not-working-java#comment-4099504075
@@ -88,11 +90,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_8-jre-nanoserver-1809/Dockerfile b/openjdk_8-jre-nanoserver-1809/Dockerfile
index 7aa9925..9ae3798 100644
--- a/openjdk_8-jre-nanoserver-1809/Dockerfile
+++ b/openjdk_8-jre-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,7 +12,8 @@ ENV JAVA_HOME C:\\openjdk-8
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://adoptopenjdk.net/upstream.html
@@ -26,4 +33,5 @@ ENV JAVA_VERSION 8u282
COPY --from=openjdk:8u282-jre-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
- && echo java -version && java -version
+ && echo java -version && java -version \
+ && echo Complete.
diff --git a/openjdk_8-jre-slim/Dockerfile b/openjdk_8-jre-slim/Dockerfile
index c6c3aba..bc540a8 100644
--- a/openjdk_8-jre-slim/Dockerfile
+++ b/openjdk_8-jre-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,14 +14,12 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-8
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -34,11 +38,10 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jre_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jre_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -51,16 +54,17 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -78,8 +82,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
@@ -92,11 +94,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_8-jre-windowsservercore-1809/Dockerfile b/openjdk_8-jre-windowsservercore-1809/Dockerfile
index 336164d..f7e2349 100644
--- a/openjdk_8-jre-windowsservercore-1809/Dockerfile
+++ b/openjdk_8-jre-windowsservercore-1809/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-8
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_8-jre-windowsservercore-ltsc2016/Dockerfile b/openjdk_8-jre-windowsservercore-ltsc2016/Dockerfile
index afcc174..61ec93e 100644
--- a/openjdk_8-jre-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_8-jre-windowsservercore-ltsc2016/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-8
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_8-nanoserver-1809/Dockerfile b/openjdk_8-nanoserver-1809/Dockerfile
index efc2292..98639b2 100644
--- a/openjdk_8-nanoserver-1809/Dockerfile
+++ b/openjdk_8-nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,7 +12,8 @@ ENV JAVA_HOME C:\\openjdk-8
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://adoptopenjdk.net/upstream.html
@@ -27,4 +34,5 @@ COPY --from=openjdk:8u282-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
&& echo javac -version && javac -version \
- && echo java -version && java -version
+ && echo java -version && java -version \
+ && echo Complete.
diff --git a/openjdk_8-oracle/Dockerfile b/openjdk_8-oracle/Dockerfile
index 12f27a5..6aa9b83 100644
--- a/openjdk_8-oracle/Dockerfile
+++ b/openjdk_8-oracle/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:8-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
microdnf clean all
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-8
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
# https://adoptopenjdk.net/upstream.html
# >
# > What are these binaries?
@@ -36,18 +42,16 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'i386:x86-64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
curl -fL -o openjdk.tgz "$downloadUrl"; \
+ curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
@@ -73,7 +77,9 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
+ rm -rf "$JAVA_HOME/jre/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/jre/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -84,13 +90,6 @@ RUN set -eux; \
alternatives --install "/usr/bin/$base" "$base" "$bin" 20000; \
done; \
\
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done; \
- if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi; \
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$cacertsFile"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$cacertsFile"; \
- \
# basic smoke test
javac -version; \
java -version
diff --git a/openjdk_8-oraclelinux7/Dockerfile b/openjdk_8-oraclelinux7/Dockerfile
index 36c788b..dec5ff6 100644
--- a/openjdk_8-oraclelinux7/Dockerfile
+++ b/openjdk_8-oraclelinux7/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:7-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
rm -rf /var/cache/yum
-# Default to UTF-8 file.encoding
-ENV LANG en_US.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-8
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG en_US.UTF-8
+
# https://adoptopenjdk.net/upstream.html
# >
# > What are these binaries?
@@ -36,18 +42,16 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'i386:x86-64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
curl -fL -o openjdk.tgz "$downloadUrl"; \
+ curl -fL -o openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
@@ -73,7 +77,9 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
+ rm -rf "$JAVA_HOME/jre/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/jre/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -84,13 +90,6 @@ RUN set -eux; \
alternatives --install "/usr/bin/$base" "$base" "$bin" 20000; \
done; \
\
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done; \
- if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi; \
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$cacertsFile"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$cacertsFile"; \
- \
# basic smoke test
javac -version; \
java -version
diff --git a/openjdk_8-slim/Dockerfile b/openjdk_8-slim/Dockerfile
index e6fd678..ee87a45 100644
--- a/openjdk_8-slim/Dockerfile
+++ b/openjdk_8-slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,14 +14,12 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-8
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://adoptopenjdk.net/upstream.html
# >
@@ -34,11 +38,10 @@ ENV JAVA_VERSION 8u282
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# amd64
- amd64 | i386:x86-64) downloadUrl=https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz ;; \
-# fallback
+ 'amd64') \
+ downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u282-b08/OpenJDK8U-jdk_x64_linux_8u282b08.tar.gz'; \
+ ;; \
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -51,16 +54,17 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz.asc "$downloadUrl.sign"; \
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
+ wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign"; \
\
export GNUPGHOME="$(mktemp -d)"; \
+# pre-fetch Andrew Haley's (the OpenJDK 8 and 11 Updates OpenJDK project lead) key so we can verify that the OpenJDK key was signed by it
+# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
+# we pre-fetch this so that the signature it makes on the OpenJDK key can survive "import-clean" in gpg
+ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense?
# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07
gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \
-# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead)
-# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190)
- gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \
gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \
| tee /dev/stderr \
| grep '0xA5CD6035332FA671' \
@@ -78,8 +82,6 @@ RUN set -eux; \
; \
rm openjdk.tgz*; \
\
-# TODO strip "demo" and "man" folders?
- \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
@@ -92,11 +94,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/jre/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_8-windowsservercore-1809/Dockerfile b/openjdk_8-windowsservercore-1809/Dockerfile
index 16dcd72..b38cc08 100644
--- a/openjdk_8-windowsservercore-1809/Dockerfile
+++ b/openjdk_8-windowsservercore-1809/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-8
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_8-windowsservercore-ltsc2016/Dockerfile b/openjdk_8-windowsservercore-ltsc2016/Dockerfile
index 559964b..6caeabc 100644
--- a/openjdk_8-windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_8-windowsservercore-ltsc2016/Dockerfile
@@ -1,13 +1,33 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+# enable TLS 1.2
+# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
+# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
+RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
+ $tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
+ if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
+ New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
+ New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
+
ENV JAVA_HOME C:\\openjdk-8
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://adoptopenjdk.net/upstream.html
# >
diff --git a/openjdk_buster/Dockerfile b/openjdk_buster/Dockerfile
index ca8b43d..dadd213 100644
--- a/openjdk_buster/Dockerfile
+++ b/openjdk_buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster-scm
RUN set -eux; \
@@ -7,27 +13,26 @@ RUN set -eux; \
unzip \
xz-utils \
\
-# utilities for keeping Debian and OpenJDK CA certificates in sync
- ca-certificates p11-kit \
- \
# jlink --strip-debug on 13+ needs objcopy: https://github.com/docker-library/openjdk/issues/351
# Error: java.io.IOException: Cannot run program "objcopy": error=2, No such file or directory
binutils \
+ \
# java.lang.UnsatisfiedLinkError: /usr/local/openjdk-11/lib/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
# java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11FontManager
# https://github.com/docker-library/openjdk/pull/235#issuecomment-424466077
fontconfig libfreetype6 \
+ \
+# utilities for keeping Debian and OpenJDK CA certificates in sync
+ ca-certificates p11-kit \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-15
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
@@ -38,23 +43,19 @@ ENV JAVA_VERSION 15.0.2
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz; \
- downloadSha256=3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz'; \
+ downloadSha256='91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz; \
- downloadSha256=91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -64,7 +65,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store)
# see https://github.com/docker-library/openjdk/issues/327
@@ -74,11 +75,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_nanoserver-1809/Dockerfile b/openjdk_nanoserver-1809/Dockerfile
index 271e09b..562bc9e 100644
--- a/openjdk_nanoserver-1809/Dockerfile
+++ b/openjdk_nanoserver-1809/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/nanoserver:1809
SHELL ["cmd", "/s", "/c"]
@@ -6,7 +12,8 @@ ENV JAVA_HOME C:\\openjdk-15
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
- && setx /M PATH %JAVA_HOME%\bin;%PATH%
+ && setx /M PATH %JAVA_HOME%\bin;%PATH% \
+ && echo Complete.
USER ContainerUser
# https://jdk.java.net/
@@ -19,7 +26,8 @@ COPY --from=openjdk:15.0.2-jdk-windowsservercore-1809 $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
&& echo javac --version && javac --version \
- && echo java --version && java --version
+ && echo java --version && java --version \
+ && echo Complete.
# "jshell" is an interactive REPL for Java (see https://en.wikipedia.org/wiki/JShell)
CMD ["jshell"]
diff --git a/openjdk_oracle/Dockerfile b/openjdk_oracle/Dockerfile
index b9a435f..c185f8d 100644
--- a/openjdk_oracle/Dockerfile
+++ b/openjdk_oracle/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:8-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
microdnf clean all
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-15
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
@@ -28,21 +34,16 @@ ENV JAVA_VERSION 15.0.2
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz; \
- downloadSha256=3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz'; \
+ downloadSha256='91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz; \
- downloadSha256=91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_oraclelinux7/Dockerfile b/openjdk_oraclelinux7/Dockerfile
index 37eb142..2b54afc 100644
--- a/openjdk_oraclelinux7/Dockerfile
+++ b/openjdk_oraclelinux7/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM oraclelinux:7-slim
RUN set -eux; \
@@ -14,12 +20,12 @@ RUN set -eux; \
; \
rm -rf /var/cache/yum
-# Default to UTF-8 file.encoding
-ENV LANG en_US.UTF-8
-
ENV JAVA_HOME /usr/java/openjdk-15
ENV PATH $JAVA_HOME/bin:$PATH
+# Default to UTF-8 file.encoding
+ENV LANG en_US.UTF-8
+
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
@@ -28,21 +34,16 @@ ENV JAVA_VERSION 15.0.2
RUN set -eux; \
\
- objdump="$(command -v objdump)"; \
- arch="$(objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
-# this "case" statement is generated via "update.sh"
+ arch="$(objdump="$(command -v objdump)" && objdump --file-headers "$objdump" | awk -F '[:,]+[[:space:]]+' '$1 == "architecture" { print $2 }')"; \
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz; \
- downloadSha256=3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc; \
+ 'i386:x86-64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz'; \
+ downloadSha256='91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz; \
- downloadSha256=91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207; \
+ 'aarch64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -56,7 +57,11 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
+ \
+ rm -rf "$JAVA_HOME/lib/security/cacerts"; \
+# see "update-ca-trust" script which creates/maintains this cacerts bundle
+ ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
\
# https://github.com/oracle/docker-images/blob/a56e0d1ed968ff669d2e2ba8a1483d0f3acc80c0/OracleJava/java-8/Dockerfile#L17-L19
ln -sfT "$JAVA_HOME" /usr/java/default; \
@@ -71,10 +76,6 @@ RUN set -eux; \
# https://openjdk.java.net/jeps/341
java -Xshare:dump; \
\
-# see "update-ca-trust" script which creates/maintains this cacerts bundle
- rm -rf "$JAVA_HOME/lib/security/cacerts"; \
- ln -sT /etc/pki/ca-trust/extracted/java/cacerts "$JAVA_HOME/lib/security/cacerts"; \
- \
# basic smoke test
fileEncoding="$(echo 'System.out.println(System.getProperty("file.encoding"))' | jshell -s -)"; [ "$fileEncoding" = 'UTF-8' ]; rm -rf ~/.java; \
javac --version; \
diff --git a/openjdk_slim/Dockerfile b/openjdk_slim/Dockerfile
index b77d647..76d3253 100644
--- a/openjdk_slim/Dockerfile
+++ b/openjdk_slim/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -8,14 +14,12 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-# Default to UTF-8 file.encoding
-ENV LANG C.UTF-8
-
ENV JAVA_HOME /usr/local/openjdk-15
+RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ] # backwards compatibility
ENV PATH $JAVA_HOME/bin:$PATH
-# backwards compatibility shim
-RUN { echo '#/bin/sh'; echo 'echo "$JAVA_HOME"'; } > /usr/local/bin/docker-java-home && chmod +x /usr/local/bin/docker-java-home && [ "$JAVA_HOME" = "$(docker-java-home)" ]
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
# https://jdk.java.net/
# >
@@ -26,19 +30,15 @@ ENV JAVA_VERSION 15.0.2
RUN set -eux; \
\
arch="$(dpkg --print-architecture)"; \
-# this "case" statement is generated via "update.sh"
case "$arch" in \
-# arm64v8
- arm64 | aarch64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz; \
- downloadSha256=3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc; \
+ 'amd64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz'; \
+ downloadSha256='91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207'; \
;; \
-# amd64
- amd64 | i386:x86-64) \
- downloadUrl=https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz; \
- downloadSha256=91ac6fc353b6bf39d995572b700e37a20e119a87034eeb939a6f24356fbcd207; \
+ 'arm64') \
+ downloadUrl='https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-aarch64_bin.tar.gz'; \
+ downloadSha256='3958f01858f9290c48c23e7804a0af3624e8eca6749b085c425df4c4f2f7dcbc'; \
;; \
-# fallback
*) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
esac; \
\
@@ -49,7 +49,7 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*; \
\
- wget -O openjdk.tgz "$downloadUrl" --progress=dot:giga; \
+ wget --progress=dot:giga -O openjdk.tgz "$downloadUrl"; \
echo "$downloadSha256 *openjdk.tgz" | sha256sum --strict --check -; \
\
mkdir -p "$JAVA_HOME"; \
@@ -59,7 +59,7 @@ RUN set -eux; \
--strip-components 1 \
--no-same-owner \
; \
- rm openjdk.tgz; \
+ rm openjdk.tgz*; \
\
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
@@ -73,11 +73,7 @@ RUN set -eux; \
{ \
echo '#!/usr/bin/env bash'; \
echo 'set -Eeuo pipefail'; \
- echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \
-# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory)
- echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \
- echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \
- echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \
+ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"'; \
} > /etc/ca-certificates/update.d/docker-openjdk; \
chmod +x /etc/ca-certificates/update.d/docker-openjdk; \
/etc/ca-certificates/update.d/docker-openjdk; \
diff --git a/openjdk_windowsservercore-1809/Dockerfile b/openjdk_windowsservercore-1809/Dockerfile
index e5082e6..4c1858b 100644
--- a/openjdk_windowsservercore-1809/Dockerfile
+++ b/openjdk_windowsservercore-1809/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:1809
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,13 +20,14 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-15
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
diff --git a/openjdk_windowsservercore-ltsc2016/Dockerfile b/openjdk_windowsservercore-ltsc2016/Dockerfile
index d7be314..99ad23a 100644
--- a/openjdk_windowsservercore-ltsc2016/Dockerfile
+++ b/openjdk_windowsservercore-ltsc2016/Dockerfile
@@ -1,9 +1,15 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM mcr.microsoft.com/windows/servercore:ltsc2016
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-# enable TLS 1.2 (Nano Server doesn't support using "[Net.ServicePointManager]::SecurityProtocol")
+# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
@@ -14,13 +20,14 @@ RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-n
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
- New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force
+ New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
+ Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-15
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
-# Nano Server does not have "[Environment]::SetEnvironmentVariable()"
- setx /M PATH $newPath
+ setx /M PATH $newPath; \
+ Write-Host 'Complete.'
# https://jdk.java.net/
# >
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes: